Need to overcome ARP legacy of VLAN

Discussion in 'Cisco' started by carcarx@hotmail.com, Nov 23, 2004.

  1. Guest

    Our scenario:

    Two IP addresses in the same subnet provide critical services.
    So that everyone doesn't need to change their settings for these
    services we want to move one of those boxes closer to the ingress
    point for our off-site connection and continue to use the same VLAN
    for that IP address.

    More specifically, we want to move 10.10.1.1 to be nearly adjacent
    to our off-site connection. This means, to get back to its "native"
    VLAN it would have to cross three switches (and the backbone).

    Our networking guys tell me that, since VLAN tagging is an OSI layer 2
    operation, if the switch that VLAN 1 "homes" to is unreachable, for
    whatever reason, this distant "outlier", even though it's not on the
    "home" switch, will still be unreachable. (Sounds essentially like a
    single ARP entry is allocated for the VLAN.)

    Is there any VLAN way around this?

    Thanks!
     
    , Nov 23, 2004
    #1

  2. In article <>,
    <> wrote:
    :Two IP addresses in the same subnet provide critical services.
    :So that everyone doesn't need to change their settings for these
    :services
    :we want to move one of those boxes closer to the ingress point for our
    :off-site connection and continue to use the same VLAN for that IP
    :address.

    Sounds reasonable.

    :More specifically, we want to move 10.10.1.1 to be nearly adjacent
    :to our off-site connection. This means, to get back to its "native"
    :VLAN
    :it would have to cross three switches (and the backbone).

    :Our networking guys tell me that, since VLAN tagging is an OSI layer 2
    :operation, if the switch that VLAN 1 "homes" to is unreachable, for
    :whatever reason,
    :this distant "outlier", even though it's not on the "home" switch, will
    :still be unreachable. (Sounds essentially like a single ARP entry is
    :allocated for
    :the VLAN.)

    :Is there any VLAN way around this?

    Either your networking guy is confused, or you haven't explained well.

    There isn't any such thing in VLANs as "homing". There isn't any
    master switch for a VLAN. A VLAN might possibly have an independent
    spanning tree, but that would be recalculated if one of the pathways
    went down [so if the networking equipment supports per-VLAN spanning
    trees, go ahead and create redundant links carrying that VLAN.]

    There are some factors to consider:

    - If you are connected to a particular VLAN on a local switch, and the
    switch goes down, you will not be able to reach the VLAN. Which is
    the same thing as saying that "If you are connected to a switch
    and the switch goes down, you won't be able to connect to anything at all."
    Nothing magical about VLANs in that, just plain fact that your
    local equipment needs to be up for you to get anywhere.

    - If you have switches L (local), M (middle), and R (remote), and
    you are connected to a VLAN that is carried to all three L, M, and R,
    then R cannot tell the difference between VLAN traffic that was
    injected at L and VLAN traffic that was injected at M. So if your local
    switch goes down, then every other switch that carries that VLAN that
    does not become disconnected, will remain able to carry that VLAN traffic.
    Suppose for example that your desktop connection is on that VLAN on L,
    that the first critical server is on that VLAN on M, and the second
    critical server is on that VLAN on R: then if L goes down, although you
    will lose your ability to access the VLAN, M and R will still happily
    talk to each other as long as there is a remaining connection between
    them. The same would be true if it was M that went down: if your route
    from L to R did not go through M, then you would still be able to reach R
    even though the first critical server was offline until its local
    switch was fixed. Not only does M not "own" or "home" the VLAN, but
    M *cannot* "own" or "home" the VLAN -- there is no such thing in VLAN
    technology. [I do not, though, have any ideas on what would happen if
    your networking people are using VTP (Virtual Trunking Protocol) to
    distribute information about which ports are on which VLAN: you could
    probably get into trouble if your VTP server device went down;
    if so, this would be avoided by not using the convenience of VTP.]

    - If you are connected to a different VLAN, then you must go through
    a router in order to get to the other VLAN, and if the router stops
    routing then you would not be able to reach the other VLAN. Within
    any one VLAN, though, the traffic is switched, not routed, so as long
    as there was a path remaining, the servers on that VLAN would be able
    to talk to each other (but not necessarily to the outside world.)

    --
    Are we *there* yet??
     
    Walter Roberson, Nov 23, 2004
    #2
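
Added example (not part of the post above): a small Python model of the L/M/R scenario, showing that layer 2 reachability within a VLAN depends only on a surviving path of trunks that carry it, not on any "home" switch. The triangle of trunk links, VLAN number 10 and the host names are assumptions made for illustration.

```python
from collections import deque

# Constructed topology: trunk links between switches and the VLANs each carries.
# Switch names L, M, R follow the post; the links and VLAN 10 are assumptions.
TRUNKS = {
    ("L", "M"): {10},
    ("M", "R"): {10},
    ("L", "R"): {10},
}
# Access ports (constructed): host -> (switch, vlan)
HOSTS = {
    "desktop": ("L", 10),
    "server1": ("M", 10),
    "server2": ("R", 10),
}

def reachable(src, dst, down=(), trunks=TRUNKS, hosts=HOSTS):
    """True if src and dst can exchange frames at layer 2 with `down` switches failed."""
    (s_sw, s_vlan), (d_sw, d_vlan) = hosts[src], hosts[dst]
    if s_vlan != d_vlan:
        return False  # different VLANs need a router; not modelled here
    if s_sw in down or d_sw in down:
        return False  # a host's own access switch must be up
    seen, queue = {s_sw}, deque([s_sw])
    while queue:  # breadth-first search over trunks that carry the VLAN
        sw = queue.popleft()
        if sw == d_sw:
            return True
        for (a, b), vlans in trunks.items():
            if s_vlan not in vlans or sw not in (a, b):
                continue
            nxt = b if sw == a else a
            if nxt not in down and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def chain_only():
    """Same hosts, but L-M-R in a line with no direct L-R trunk."""
    return {k: v for k, v in TRUNKS.items() if k != ("L", "R")}

if __name__ == "__main__":
    pairs = (("desktop", "server1"), ("desktop", "server2"), ("server1", "server2"))
    for failed in ("L", "M", "R"):
        for a, b in pairs:
            print(f"{failed} down: {a} <-> {b}: {reachable(a, b, down={failed})}")
```

Passing `trunks=chain_only()` removes the redundant L-R link, which is the case where losing M does cut the desktop off from the server on R.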

  3. Niche Guest

    "" <> wrote in message news:<>...
    > Our scenario:
    >
    > Two IP addresses in the same subnet provide critical services.
    > So that everyone doesn't need to change their settings for these
    > services
    > we want to move one of those boxes closer to the ingress point for our
    > off-site connection and continue to use the same VLAN for that IP
    > address.
    >
    > More specifically, we want to move 10.10.1.1 to be nearly adjacent
    > to our off-site connection. This means, to get back to its "native"
    > VLAN
    > it would have to cross three switches (and the backbone).


    My assumption:

    Currently those two IP addresses are in the same VLAN, subnet and
    connecting to the same switch.

    If the above assumption is true, then this looks like a layer 2 issue
    to me. All you have to do is:

    - Make sure that VLAN (in which those 2 IP addresses are residing) has
    been included in the trunk between those 3 switches

    - allocate a port and assign that port to the same VLAN on that
    remote switch

    - plug the device into that port

    - do a little ping test (or whatever connectivity test you want)
    between those 2 IP addresses (or devices)

    Once the test succeeds, voilà... there you go.

    >
    > Our networking guys tell me that, since VLAN tagging is an OSI layer 2
    > operation, if the switch that VLAN 1 "homes" to is unreachable, for
    > whatever reason,
    > this distant "outlier", even though it's not on the "home" switch, will
    > still be unreachable. (Sounds essentially like a single ARP entry is
    > allocated for
    > the VLAN.)
    >
    > Is there any VLAN way around this?
    >
    > Thanks!


    No comment... probably just because I am not a native English speaker. I
    am not quite able to get his meaning.

    Best Regards,
     
    Niche, Nov 24, 2004
    #3